One Little “G” Can Make a Big Difference

It doesn’t matter who you are, how educated you, even if security is your profession it’s still possible to failure.  Yesterday, everyone was talking about the cool Google Home Page created to celebrate the birthday of guitar genius Les Paul. Today, I will admit how stupid even I can be.

Naturally, I followed my own advice and instead of clicking on one of my friends links posted on Facebook, I manually typed in the Google URL. The only problem is I screwed up big time and typed
G-o-g-g-l-e-.-c-o-m instead of
G-o-o-g-l-e-.-c-o-m. 
Well, unlike Google, the folks at Goggle are anxious to do evil.

Normally, the first screen would have given me a clue but I wasn’t paying full attention. I figured, “it was Google, one of my partners so it must be legit”.

I still never noticed the misspelling.  I knew they would be getting extra traffic due to the Les Paul screen so I figured they’d use this day to run a special promotion.

After a few simple questions I received the following screen.

Again, I figured, Google already had my phone number and Email so what’s the big deal giving it to them to validate my information. Since I was multitasking at the time, I still didn’t notice the obvious misspelling of the main logo.

Ironically, I appreciate that these scammers at least verified I was entering a valid phone number. If not, anyone could use their site to harass unsuspecting cell phone users around the country.

 

Finally, I woke up.  As soon as I started to see mentions of a bank card and other companies I knew something was wrong.  Yet, I still never thought to check my spelling. My first thought was to check my HOST file and scan for malware.  I even copy and pasted the URL into another browser to verify the address without noticing the spelling error.

The next slap in the face came when my cell phone rang with a call from 877-729-0716.  The caller identified himself as “Education Experts”.  They obviously were connected to this scam so instead of listening to their sales pitch I encouraged the telemarketer to find a job with a reputable company.

It still took my brain a couple minutes to realize my typo. I don’t remember ever doing this before but I hope I’ve learned my lesson.  Watch your typing and give your browser your full attention so this doesn’t happen to you.  ;)

QuickTime Most Popular Unwanted File

The release of Windows 95 was suppose to spell the end of Microsoft’s 8.3 filename specifications.  The folks in Redmond hailed the era of long filenames that would provide better descriptions of what a file would be used for. Unfortunately, years later Microsoft and others continue to use filenames which are small and non-descriptive.

WinPatrol PLUS is a program which allows users to click on a filename and read an description of a file and find out if it’s required. Apple Computer once bragged about long filenames but stick their files with cryptic filename into Windows Startup Programs and have them running in the background.

One of the ones most commonly requested belongs to QuickTime and tends to stick itself back into the autorun registry frequently. Below is the results from our online Cloud stats.

QTTASK.EXE – Apple’s QuickTime Player

8,425 Requests for information on this file.
47,426 Users chose to allow this file to run.
105,864 Users decided to prevent this file from running.

Apple’s QuickTime holds the record for the file WinPatrol users want removed. It doesn’t help that Apple keeps trying to put QTTASK.exe back even after it’s removed. Luckily, WinPatrol has a Disable function so we can automatically remove it without any alert messages.

More Mystery Files
There are plenty of other filenames which WinPatrol users were confused about and/or wanted more information. You’ll notice most users made their decision without checking the Info that is available to WinPatrol PLUS members.

The 1st number represents how many times a WinPatrol PLUS member requested an explanation or description of a filename.
The 2nd number indicates how many times, when alerted, a user clicked on “Yes” to say they approved the file and wanted it to continue loading. 
The 3rd number indicates a user clicked No. It can also indicate the filename was found in one of WinPatrol’s lists and made the decision to remove the file entry from the registry or kill the file while it was running.

ADOBEARM.exe - Adobe Acrobat Reader Manager

7,254  Requests for information on this file.
51,676  Users chose to allow this file to run.
61,017  Users decided to prevent this file from running.

IGFXTRAY.EXE - INTEL Graphics Card System Tray Icon

4,083  Requests for information on this file.
9,815  Users chose to allow this file to run.
11,799 Users decided to prevent this file from running.

MSSECES.EXE - Microsoft Security Essentials

4,812 Requests for information on this file.
32,440 Users chose to allow this file to run.
13,342 Users decided to prevent this file from running.

GOOGLEUPDATE.EXE - Google Automatic Update

4,001 Requests for information on this file.
49,317 Users chose to allow this file to run.
30,362 Users decided to prevent this file from running.

JUSCHED.EXE - Sun's Java Plug-in Updater

6,485 Requests for information on this file.
68,538 Users chose to allow this file to run.
56,428 Users decided to prevent this file from running.

CTFMON.exe - Alternative User Input Text Manager

2,508  Requests for information on this file.
6,521 Users chose to allow this file to run.
18,240 Users decided to prevent this file from running.